Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Metastability (Score 1) 119

I heard the lead on a Science Friday interview - he invited everybody in academia to come to his lab to learn the technique on how to make it, as he wants everybody working on the material. It sounds like they can fairly easily do it again, so I am surprised this article makes no note of that.

Well, "surprised" in that I pretend journalism doesn't exist just to sell ads.

Comment Re:Talk about a subset of a subset (Score 1) 29

Computer power makes backwards compatibility just a matter of an additional layer between old and new and old software being more compact means no appreciable speed loss, with that compatibility layer. Everyone knows the big uppercut is coming, Android and of course the Linux distribution that underpins that. M$ huge failure of phones and desktops is creating a software ecology that will spread to the new desktops, without windows. M$ is rapidly becoming the company people love to hate and that is death for any company, how many billions have they spent on brand advertising, just to blow it all away by being privacy invasion control freak perves that make stupendously arrogant demands upon their customers rights.

Comment Re:The end is nigh... (Score 1) 39

Out of curiosity: what is the current status of the stuff posted on DA? Mandatory "free" license like CC? Artist sets the license? Small print that says DA reserve the right to use the content in any way it sees fit? And has DA ever actually exercised such a right before? In any case, this just goes to show that all cool free services eventually turn into ad peddling and/or privacy raping dicks, or sell out to similar dicks.

Comment Re:What should happen and what will happen (Score 1) 110

But this is exactly why good password hashing algorithms are moving to RAM consumption as the primary barrier. It's pretty trivial for a server with many GiB of RAM to allocate 256 MiB to hashing a password, for a few milliseconds, but it gets very costly, very fast, for the attacker. And if you can't afford 256 MiB, how about 64?

Using memory dependent hashes works better if one is a small server since one will rarely have a lot of people sending in their passwords at the same time, so the RAM space you need isn't that large. If you are a large organization then this doesn't work as well because you then need room to be able to do many such calculations functionally simultaneously.

Nope. The leverage factor in the password hashing case is linear, since the entropy of passwords is constant (on average). The leverage factor for cryptographic keys is exponential. The reason we don't use much longer keys for public key encryption, etc., is because there's no point in doing so, not because we can't afford it. The key sizes we use are already invulnerable to any practical attack in the near future. For data that must be secret for a long time, we do use larger key sizes, as a hedge against the unknown.

I agree that there's a linear v. exponential difference there(although for many of these it is more like linear and subexponential due to algorithms like the number field sieve), but the rest of your comment is essentially wrong. We keep keys just long enough that we consider it to be highly unlikely that they are going to be vulnerable, but not much more than that. That's why for example we've been steadily increasing the size of keys used in RSA, DH and other systems. Note by the way that part of the concern also is that many of these algorithms require a fair bit of computation not just on the server side but on the client side as well which may be a small device like a tablet or phone. In fact, it would be a lot safer if we increased key sizes more than we do, but there are infrastructural problems with that. See e.g. discussion at http://crypto.stackexchange.com/questions/19655/what-is-the-history-of-recommended-rsa-key-sizes The only way that the linear v. exponential(or almost exponential) comes into play is how much we need to increase the underlying key size or how long we need to make the next hash system if we want it to be secure. Keys only need to be increased a tiny bit, whereas hashes need to grow a lot more. But in both cases we're still not making them any longer than we can plausibly get away with for most applications.

Comment Re: s/drug trials/climate change/g (Score 1) 253

Are you unfamiliar with the phrase "hand waving", or just being deliberately obtuse?

Science is about numerically accurate, falsifiable predictions. We need some of those in the Climate Change debate, but the science isn't there yet. Non-scientists like yourself, however, are happy to substitute hand waving (like a magician, hoping to distract the audience from the lack of substance).

Comment Dont worry I've got a backup (Score 3, Funny) 119

As it turns out I have a backup sample, because you have to keep it at incredibly high pressure I keep it in the much more reliably pressurized environment of a dorm room with two Chemical Engineering majors.

Indeed because of the pressures involved I had to add some padding around the sample to prevent the rare metal from being crushed.

You can come collect it whenever, except of course when there's a sock on the door handle (P.S. there is never a sock on the door handle).

Comment Difficult material remains difficult (Score 5, Informative) 119

As I recall the biggest problem they had in making the stuff in the first place was constantly shattering the diamonds when they tried to shine light through them. Also, the breathless talk of this revolutionizing every industry under the sun is tremendously overblown. Right now these are laboratory curiosities, they may very well amount to nothing.

Comment Re:Lack of understanding rather than nefarious (Score 1) 89

As a liberal who knows a thing or two about the guts of ISPs I had many arguments about the wisdom of many "Net Neutrality" proposals with my friends. Some of the requirements people wanted amounted to being expected to fill out your tax forms while riding a unicycle along a tight rope.

Of course, the entire concept is bull. The (non-government) Internet developed under freedom of companies to freely decide to interconnect according to their business needs. Often one ISP rejected another until a mutually-agreeable solution could be worked out. Some ISPs could peer with others, some had to pay.

Any of the "OMG not neutral!" stuff I hear about today is about someone making big money from pushing Tbps of content into someone else's network and expecting that company to pay for all of it. It takes two to tango.

And while there may come a day when some end-user ISP is dumb enough to actually try to provide less-than-Internet to their subscribers, to date it hasn't really happened (sorry pirates), even in situations where the ISP is granted a local monopoly (which, of course, is the real lack of Internet freedom).

Slashdot Top Deals

Today is the first day of the rest of your lossage.

Working...